Weekly Vulnerabilities Reports > September 23 to 29, 2013

Overview

79 new vulnerabilities reported during this period, including 4 critical vulnerabilities and 17 high severity vulnerabilities. This weekly summary report vulnerabilities in 63 products from 36 vendors including Cisco, HP, IBM, Redhat, and Open Xchange. Vulnerabilities are notably categorized as "Improper Input Validation", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 62 reported vulnerabilities are remotely exploitables.
  • 3 reported vulnerabilities have public exploit available.
  • 20 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 72 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 25 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-27 CVE-2013-5403 IBM Unauthorized Access vulnerability in IBM WebSphere DataPower XC10 Appliance

Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors.

10.0
2013-09-23 CVE-2013-5932 Sophos Unspecified vulnerability in Sophos Unified Threat Management Software 9.007

Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown impact and attack vectors.

10.0
2013-09-23 CVE-2013-5486 Cisco OS Command Injection vulnerability in Cisco Prime Data Center Network Manager

Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036.

10.0
2013-09-28 CVE-2013-2068 Redhat Path Traversal vulnerability in Redhat Cloudforms Management Engine 5.1

Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a ..

9.4

17 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-24 CVE-2012-4078 Cisco Improper Authentication vulnerability in Cisco Unified Computing System

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.

8.5
2013-09-27 CVE-2013-5480 Cisco Improper Input Validation vulnerability in Cisco IOS

The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733.

7.8
2013-09-27 CVE-2013-5479 Cisco Improper Input Validation vulnerability in Cisco IOS

The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730.

7.8
2013-09-27 CVE-2013-5478 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023.

7.8
2013-09-27 CVE-2013-5477 Cisco Improper Input Validation vulnerability in Cisco IOS

The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465.

7.8
2013-09-27 CVE-2013-5476 Cisco Improper Input Validation vulnerability in Cisco IOS 15.1/15.2

The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, when content filtering or HTTP ALG inspection is enabled, allows remote attackers to cause a denial of service (device reload or hang) via crafted IPv4 HTTP traffic, aka Bug ID CSCtx56174.

7.8
2013-09-27 CVE-2013-5475 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8
2013-09-27 CVE-2013-5474 Cisco Race Condition vulnerability in Cisco IOS

Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812.

7.8
2013-09-27 CVE-2013-5473 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011.

7.8
2013-09-23 CVE-2013-5490 Cisco Information Exposure vulnerability in Cisco Prime Data Center Network Manager

Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148.

7.8
2013-09-23 CVE-2013-5487 Cisco Information Exposure vulnerability in Cisco Prime Data Center Network Manager

DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029.

7.8
2013-09-25 CVE-2013-5200 Open Xchange Improper Authentication vulnerability in Open-Xchange Appsuite

The (1) REST and (2) memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 do not require authentication, which allows remote attackers to obtain sensitive information or modify data via an API call.

7.5
2013-09-23 CVE-2013-5931 Real Estate PHP Script SQL Injection vulnerability in Real-Estate-PHP-Script Real Estate PHP Script

SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid parameter.

7.5
2013-09-23 CVE-2013-5917 Rodrigo Coimbra
Wordpress
SQL Injection vulnerability in Rodrigo Coimbra Nospam PTI 2.1

SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the comment_post_ID parameter.

7.5
2013-09-28 CVE-2013-5959 Bluecoat Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bluecoat Proxysg and Proxysgos

Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests.

7.1
2013-09-27 CVE-2013-5481 Cisco Improper Input Validation vulnerability in Cisco IOS

The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817.

7.1
2013-09-27 CVE-2013-5472 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226.

7.1

50 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-25 CVE-2013-5933 Google
Motorola
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket.

6.9
2013-09-25 CVE-2013-5373 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Rational Clearcase

The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.

6.9
2013-09-25 CVE-2013-4777 Google
Motorola
Permissions, Privileges, and Access Controls vulnerability in multiple products

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.

6.9
2013-09-25 CVE-2013-1060 Canonical Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu Linux

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.

6.9
2013-09-23 CVE-2013-5691 Freebsd Permissions, Privileges, and Access Controls vulnerability in Freebsd

The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in FreeBSD 8.3 through 9.2-STABLE do not validate SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR, and SIOCSIFNETMASK requests, which allows local users to perform link-layer actions, cause a denial of service (panic), or possibly gain privileges via a crafted application.

6.9
2013-09-23 CVE-2013-4325 HP Permissions, Privileges, and Access Controls vulnerability in HP Linux Imaging and Printing Project

The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process.

6.9
2013-09-28 CVE-2013-0598 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Rational Clearquest

Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.

6.8
2013-09-27 CVE-2013-5942 Graphite Project Code Injection vulnerability in Graphite Project Graphite

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2) storage.py, (3) render/datalib.py, and (4) whitelist/views.py, a different vulnerability than CVE-2013-5093.

6.8
2013-09-27 CVE-2013-5093 Graphite Project Code Injection vulnerability in Graphite Project Graphite

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.

6.8
2013-09-25 CVE-2013-5937 Click2Sell
Drupal
Cross-Site Request Forgery (CSRF) vulnerability in Click2Sell Suite Module 6.X1.0

Cross-site request forgery (CSRF) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete database information via vectors involving the Drupal Form API.

6.8
2013-09-23 CVE-2013-5119 Zimbra Improper Authentication vulnerability in Synacor Zimbra Collaboration Suite

Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token.

6.8
2013-09-23 CVE-2013-1431 Simon Mcvittie Improper Input Validation vulnerability in Simon Mcvittie Telepathy Gabble

The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.

6.8
2013-09-23 CVE-2013-5696 Glpi Project Cross-Site Request Forgery (CSRF) vulnerability in Glpi-Project Glpi

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary PHP code via an update_1 action.

6.8
2013-09-24 CVE-2012-4089 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System

MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239.

6.6
2013-09-27 CVE-2012-1313 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Computing System

The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772.

6.5
2013-09-26 CVE-2012-4092 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System

The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug ID CSCtk00683.

5.8
2013-09-23 CVE-2012-5338 Jforum Improper Input Validation vulnerability in Jforum 2.1.9

Open redirect vulnerability in JForum 2.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnPath parameter in a validateLogin action to jforum.page.

5.8
2013-09-28 CVE-2013-4112 Jgroups
Redhat
Information Exposure vulnerability in multiple products

The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

5.4
2013-09-24 CVE-2012-4094 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Computing System

Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198.

5.4
2013-09-25 CVE-2012-4086 Cisco Command Injection vulnerability in Cisco Unified Computing System

A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790.

5.1
2013-09-24 CVE-2012-4087 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System

A cluster setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793.

5.1
2013-09-27 CVE-2013-5498 Cisco Improper Input Validation vulnerability in Cisco IOS XR

The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963.

5.0
2013-09-26 CVE-2012-4079 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206.

5.0
2013-09-25 CVE-2013-5750 Friends OF Symfony Project Resource Management Errors vulnerability in Friends of Symfony Project Fosuserbundle

The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation.

5.0
2013-09-24 CVE-2012-4085 Cisco Improper Input Validation vulnerability in Cisco Unified Computing System

The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCtg20761.

5.0
2013-09-23 CVE-2013-1443 Djangoproject Improper Authentication vulnerability in Djangoproject Django

The authentication framework (django.contrib.auth) in Django 1.4.x before 1.4.8, 1.5.x before 1.5.4, and 1.6.x before 1.6 beta 4 allows remote attackers to cause a denial of service (CPU consumption) via a long password which is then hashed.

5.0
2013-09-23 CVE-2013-5502 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Mediasense

The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344.

5.0
2013-09-23 CVE-2013-4818 HP Remote Unauthorized Access vulnerability in Multiple HP IceWall Products

Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, and IceWall File Manager 3.0 through SP4 allows remote attackers to obtain sensitive information via unknown vectors.

5.0
2013-09-23 CVE-2013-4817 HP Remote Unauthorized Access vulnerability in HP IceWall SSO

Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote attackers to obtain sensitive information via unknown vectors.

5.0
2013-09-23 CVE-2013-5666 Freebsd Information Exposure vulnerability in Freebsd 9.2

The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information (kernel memory) via a length greater than the length of the file.

4.7
2013-09-28 CVE-2013-5161 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS

Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors.

4.4
2013-09-28 CVE-2013-4276 Littlecms Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Littlecms Little CMS Color Engine

Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.

4.3
2013-09-27 CVE-2013-5943 Graphite Project Cross-Site Scripting vulnerability in Graphite Project Graphite

Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2013-09-26 CVE-2013-4626 Marketpress
Wordpress
Cross-Site Scripting vulnerability in Marketpress Backwpup Plugin

Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.

4.3
2013-09-26 CVE-2012-4088 Cisco Credentials Management vulnerability in Cisco Unified Computing System

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769.

4.3
2013-09-25 CVE-2013-5938 Click2Sell
Drupal
Cross-Site Scripting vulnerability in Click2Sell Suite Module 6.X1.0

Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form.

4.3
2013-09-25 CVE-2013-5586 Wikkawiki Cross-Site Scripting vulnerability in Wikkawiki

Cross-site scripting (XSS) vulnerability in wikka.php in WikkaWiki before 1.3.4-p1 allows remote attackers to inject arbitrary web script or HTML via the wakka parameter to sql/.

4.3
2013-09-25 CVE-2013-5936 Open Xchange Information Exposure vulnerability in Open-Xchange Appsuite

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200.

4.3
2013-09-25 CVE-2013-5935 Open Xchange Information Exposure vulnerability in Open-Xchange Appsuite

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended location, a different vulnerability than CVE-2013-5200.

4.3
2013-09-25 CVE-2013-5118 Good Cross-Site Scripting vulnerability in Good FOR Enterprise

Cross-site scripting (XSS) vulnerability in the Good for Enterprise app before 2.2.4.1659 for iOS allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail message.

4.3
2013-09-25 CVE-2013-4024 IBM Information Exposure vulnerability in IBM products

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote attackers to read session cookies by sniffing the network.

4.3
2013-09-24 CVE-2013-5911 Tenable Cross-Site Scripting vulnerability in Tenable Securitycenter 4.6/4.7

Cross-site scripting (XSS) vulnerability in devform.php in Tenable SecurityCenter 4.6 through 4.7 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

4.3
2013-09-24 CVE-2013-3616 Knowledgeview Cross-Site Scripting vulnerability in Knowledgeview Editorial and Management Application

Cross-site scripting (XSS) vulnerability in the KnowledgeView Editorial and Management application allows remote attackers to inject arbitrary web script or HTML via the username parameter.

4.3
2013-09-24 CVE-2013-3589 Dell Cross-Site Scripting vulnerability in Dell products

Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter.

4.3
2013-09-23 CVE-2013-5930 Real Estate PHP Script Cross-Site Scripting vulnerability in Real-Estate-PHP-Script Real Estate PHP Script

Cross-site scripting (XSS) vulnerability in search_residential.php in Real Estate PHP Script allows remote attackers to inject arbitrary web script or HTML via the bos parameter.

4.3
2013-09-23 CVE-2012-2624 CGI Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in CGI Hotscan

Stack-based buffer overflow in Logica HotScan allows remote attackers to cause a denial of service (crash) via a crafted packet.

4.3
2013-09-23 CVE-2013-5918 Platinum SEO Project
Wordpress
Cross-Site Scripting vulnerability in Platinum SEO Project Platinum SEO Plugin

Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin before 1.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

4.3
2013-09-23 CVE-2013-4814 HP Cross-Site Scripting vulnerability in HP XP 9000 Command View

Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View Advanced Edition Suite Software 7.x before 7.5.0-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2013-09-25 CVE-2013-5934 Open Xchange Credentials Management vulnerability in Open-Xchange Appsuite

Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this password in the source code and then sending the password in a Hazelcast cluster API call, a different vulnerability than CVE-2013-5200.

4.0
2013-09-23 CVE-2013-4821 HP Remote Denial of Service vulnerability in HP System Management Homepage

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors.

4.0

8 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2013-09-23 CVE-2013-5710 Freebsd Permissions, Privileges, and Access Controls vulnerability in Freebsd

The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.

3.7
2013-09-25 CVE-2013-4022 IBM Credentials Management vulnerability in IBM products

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypass intended access restrictions via unknown vectors.

3.5
2013-09-23 CVE-2013-4819 HP Remote Unauthorized Access vulnerability in HP IceWall SSO

Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote authenticated users to obtain sensitive information via unknown vectors.

3.5
2013-09-28 CVE-2013-5160 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS

Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL pointer dereference.

3.3
2013-09-23 CVE-2013-4820 HP Remote Unauthorized Access vulnerability in Multiple HP IceWall Products

Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, IceWall SSO SAML2 Agent Option 8.0, IceWall SSO JAVA Agent Library 8.0 through 10.0, IceWall Federation Agent 3.0, and IceWall File Manager 3.0 through SP4 allows remote authenticated users to obtain sensitive information via unknown vectors.

2.1
2013-09-28 CVE-2013-1921 Redhat Cryptographic Issues vulnerability in Redhat Jboss Enterprise Application Platform

PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file.

1.9
2013-09-25 CVE-2013-4025 IBM Permissions, Privileges, and Access Controls vulnerability in IBM products

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

1.9
2013-09-23 CVE-2013-2217 Jeff Ortel
Opensuse
Redhat
Link Following vulnerability in multiple products

cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.

1.2